AWS WAF gets disassociated without any warning

0

AWS WAF can get disassociated without any warning. Could we please get at least an email? Something like: [Attention Required] WAF disassociated you are now exposed to all the internet.

We are using AWS Load Balancer Controller and the WAF stopped working without notice until we found this: https://github.com/kubernetes-sigs/aws-load-balancer-controller/issues/2219 But even now I cannot guarantee that the WAF will stay up...

Asked 1 year ago, 543 views
3 Answers
1

I’ve never seen this myself. I have seen a WAF ACL applied to many ALBs but never seen a WAF disappear from an ALB.

How are you associating them?

EXPERT
answered 1 year ago
0

Through the AWS Management Console. But this is not the point.

Any state changes on a WAF should trigger an email notification. If you agree, can you please upvote my question so that it gets seen?

Thanks in advance

answered 1 year ago
  • What do you mean by state change?

0

You can check the CloudTrail logs to see why the ALB is getting disassociated from WAF. DisassociateWebACL is the API that disassociates the specified regional application resource from any existing web ACL association. Additionally, check if you have Firewall Manager (FMS) that's controlling the WAF integration. If yes, review the rules that you have in FMS that might be preventing the association of ALB to WAF.

AWS
answered 5 months ago
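
Added example (not part of the answer above and not AWS's own code): one way to run the CloudTrail check it describes, by pulling every DisassociateWebACL call out of a CloudTrail log file and reporting who made it and against which resource. The sample records, account ID, ARNs, role names and user agents are constructed placeholders; the field names follow the CloudTrail record format.

```python
import json

# WAFv2 and WAF Classic (regional) both record an event named DisassociateWebACL.
WAF_SOURCES = {"wafv2.amazonaws.com", "waf-regional.amazonaws.com"}

def find_disassociations(log_text, resource_arn=None):
    """Return DisassociateWebACL calls from one CloudTrail log file, oldest first."""
    hits = []
    for rec in json.loads(log_text).get("Records", []):
        if rec.get("eventName") != "DisassociateWebACL":
            continue
        if rec.get("eventSource") not in WAF_SOURCES:
            continue
        target = (rec.get("requestParameters") or {}).get("resourceArn")
        if resource_arn and target != resource_arn:
            continue
        ident = rec.get("userIdentity") or {}
        hits.append({
            "time": rec.get("eventTime"),
            "resource": target,
            "actor": ident.get("arn") or ident.get("principalId"),
            "invoked_by": ident.get("invokedBy"),  # set when an AWS service made the call
            "user_agent": rec.get("userAgent"),    # helps tell console, CLI and controllers apart
            "succeeded": "errorCode" not in rec,   # denied calls are logged too
        })
    return sorted(hits, key=lambda h: h["time"] or "")

# Constructed sample data: account ID, ARNs, role names and user agents are placeholders.
ALB_A = "arn:aws:elasticloadbalancing:eu-west-1:111122223333:loadbalancer/app/example-a/0000000000000001"
ALB_B = "arn:aws:elasticloadbalancing:eu-west-1:111122223333:loadbalancer/app/example-b/0000000000000002"

def sample_record(time, name, alb, role, agent, error=None):
    rec = {"eventTime": time, "eventSource": "wafv2.amazonaws.com", "eventName": name,
           "userIdentity": {"type": "AssumedRole",
                            "arn": f"arn:aws:sts::111122223333:assumed-role/{role}/session"},
           "userAgent": agent, "requestParameters": {"resourceArn": alb}}
    if error:
        rec["errorCode"] = error
    return rec

SAMPLE_LOG = json.dumps({"Records": [
    sample_record("2024-01-03T08:00:00Z", "DisassociateWebACL", ALB_B, "example-dev-role", "example-cli/1.0", "AccessDenied"),
    sample_record("2024-01-01T10:00:00Z", "AssociateWebACL", ALB_A, "example-admin-role", "example-console"),
    sample_record("2024-01-02T03:15:00Z", "DisassociateWebACL", ALB_A, "example-controller-role", "example-controller/0.0"),
]})

if __name__ == "__main__":
    for hit in find_disassociations(SAMPLE_LOG):
        print(hit)
```

Passing the load balancer ARN as `resource_arn` narrows the result to a single ALB, and the `actor` and `user_agent` fields show whether a person, a controller or an AWS service made the call.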
